Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4113 | 1 Hp | 1 Power Manager | 2019-10-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server. | |||||
CVE-2009-4000 | 1 Hp | 1 Power Manager | 2019-10-09 | 10.0 HIGH | N/A |
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter. | |||||
CVE-2009-2685 | 1 Hp | 1 Power Manager | 2018-10-10 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable. | |||||
CVE-2011-0280 | 1 Hp | 1 Power Manager | 2017-08-16 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information. | |||||
CVE-2011-0277 | 1 Hp | 1 Power Manager | 2013-08-03 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts. | |||||
CVE-2009-3999 | 1 Hp | 1 Power Manager | 2012-02-13 | 10.0 HIGH | N/A |
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter. |